diff --git a/nixos/hosts/suwako-vie0/default.nix b/nixos/hosts/suwako-vie0/default.nix index 5e7823e..a15541f 100644 --- a/nixos/hosts/suwako-vie0/default.nix +++ b/nixos/hosts/suwako-vie0/default.nix @@ -11,8 +11,9 @@ services.caddy services.keycloak services.knot.secondary - services.matrix.synapse services.matrix.heisenbridge + services.matrix.mautrix-telegram + services.matrix.synapse services.miniflux services.ntfy services.postgresql diff --git a/nixos/modules/networking/ports.nix b/nixos/modules/networking/ports.nix index 775bd4f..9ed260e 100644 --- a/nixos/modules/networking/ports.nix +++ b/nixos/modules/networking/ports.nix @@ -21,6 +21,7 @@ in miniflux = 4020; matrix-synapse = 4030; heisenbridge = 4031; + mautrix-telegram = 4032; # public ports enthalpy-ipsec = 13000; diff --git a/nixos/profiles/services/matrix/mautrix-telegram.nix b/nixos/profiles/services/matrix/mautrix-telegram.nix new file mode 100644 index 0000000..7291b56 --- /dev/null +++ b/nixos/profiles/services/matrix/mautrix-telegram.nix @@ -0,0 +1,142 @@ +{ + config, + pkgs, + mylib, + ... +}: +{ + sops.secrets."mautrix_telegram_appservice_hs_token" = { + opentofu = { + enable = true; + }; + }; + + sops.secrets."mautrix_telegram_appservice_as_token" = { + opentofu = { + enable = true; + }; + }; + + sops.secrets."synapse/mautrix-telegram-bot-token" = { + sopsFile = config.sops.secretFiles.host; + }; + + services.matrix-synapse.settings = { + app_service_config_files = [ "/run/credentials/matrix-synapse.service/mautrix-telegram" ]; + }; + + systemd.services.matrix-synapse.serviceConfig = { + LoadCredential = [ + "mautrix-telegram:${config.sops.templates."mautrix_telegram_appservice_registration".path}" + ]; + }; + + sops.templates."mautrix_telegram_appservice_registration" = { + content = builtins.toJSON { + id = "telegram"; + namespaces = { + aliases = [ + { + exclusive = true; + regex = "\\#telegram_.*:rebmit\\.moe"; + } + ]; + rooms = [ ]; + users = [ + { + exclusive = true; + regex = "@telegram_.*:rebmit\\.moe"; + } + { + exclusive = true; + regex = "@telegrambot:rebmit\\.moe"; + } + ]; + }; + rate_limited = false; + sender_localpart = "mautrix-telegram"; + url = "http://127.0.0.1:${toString config.networking.ports.mautrix-telegram}"; + as_token = config.sops.placeholder."mautrix_telegram_appservice_as_token"; + hs_token = config.sops.placeholder."mautrix_telegram_appservice_hs_token"; + de.sorunome.msc2409.push_ephemeral = true; + push_ephemeral = true; + }; + restartUnits = [ + "matrix-synapse.service" + ]; + }; + + sops.templates."mautrix_telegram_config" = { + content = '' + MAUTRIX_TELEGRAM_APPSERVICE_AS_TOKEN=${ + config.sops.placeholder."mautrix_telegram_appservice_as_token" + } + MAUTRIX_TELEGRAM_APPSERVICE_HS_TOKEN=${ + config.sops.placeholder."mautrix_telegram_appservice_hs_token" + } + MAUTRIX_TELEGRAM_TELEGRAM_BOT_TOKEN=${config.sops.placeholder."synapse/mautrix-telegram-bot-token"} + ''; + restartUnits = [ + "mautrix-telegram.service" + ]; + }; + + services.mautrix-telegram = { + enable = true; + environmentFile = config.sops.templates."mautrix_telegram_config".path; + serviceDependencies = [ config.systemd.services.matrix-synapse.name ]; + settings = { + homeserver = { + address = "http://127.0.0.1:${toString config.networking.ports.matrix-synapse}"; + domain = config.services.matrix-synapse.settings.server_name; + }; + appservice = { + id = "telegram"; + address = "http://127.0.0.1:${toString config.networking.ports.mautrix-telegram}"; + database = "postgres:///mautrix-telegram?host=/run/postgresql"; + hostname = "127.0.0.1"; + port = config.networking.ports.mautrix-telegram; + provisioning.enabled = false; + }; + bridge = { + displayname_template = "{displayname}"; + public_portals = true; + delivery_error_reports = true; + incoming_bridge_error_reports = true; + bridge_matrix_leave = false; + relay_user_distinguishers = [ ]; + create_group_on_invite = false; + animated_sticker = { + target = "webp"; + convert_from_webm = true; + }; + permissions = { + "*" = "relaybot"; + "@rebmit:rebmit.moe" = "admin"; + }; + relaybot = { + authless_portals = false; + }; + encryption = { + allow = true; + }; + }; + telegram = { + api_id = 611335; + api_hash = "d524b414d21f4d37f08684c1df41ac9c"; + device_info = { + app_version = pkgs.tdesktop.version; + }; + force_refresh_interval_seconds = 3600; + }; + logging = { + loggers = { + mau.level = "WARNING"; + telethon.level = "WARNING"; + }; + }; + }; + }; + + systemd.services.mautrix-telegram.serviceConfig = mylib.misc.serviceHardened; +} diff --git a/secrets/hosts/opentofu/suwako-vie0.yaml b/secrets/hosts/opentofu/suwako-vie0.yaml index 0475e64..d428768 100644 --- a/secrets/hosts/opentofu/suwako-vie0.yaml +++ b/secrets/hosts/opentofu/suwako-vie0.yaml @@ -1,11 +1,13 @@ -b2_backup_application_key: ENC[AES256_GCM,data:CAlaUBEq/yXSt4KTkkScYp5A4Ct5kBxkBvgGzOQ6jw==,iv:ZtIcvsuzVfnI7iVXoJ8DP2OaVkO54CRiPesqmLo5Y8c=,tag:RS5nhR3KOZPyC4sxq33oyQ==,type:str] -b2_backup_application_key_id: ENC[AES256_GCM,data:lFVeEUgPqFN2avgXhCYRXrTaCD5xeQZuhg==,iv:CnpQ49jEMD3i6xQF9TghqhL93JmTFiWEf3hWUj2tB4c=,tag:AkPNN4pVNNr0AtvrU0UhDQ==,type:str] -enthalpy_node_private_key_pem: ENC[AES256_GCM,data:pVCoWSGTGO1um3F3qeboFnN1DkGiutcRGbjlqtXsH13lhMRgaPPQn0031M5882yUAbuVR2yM8OwxSomDZiIQWQ59bgwB1cgDxVRw43ClE8N0zuNwsOV1CHFJRguVzo+xMULN4nJfvHZCqIIM9LKdQnMfeeRlbDA=,iv:4uWdY0ys9oxLDLhP7yqGTq1BC+vleM9dqQFt8XGoVzE=,tag:kIJadG1l9X76gwuRy2CrMw==,type:str] -heisenbridge_appservice_as_token: ENC[AES256_GCM,data:CBO+Wka9bNGYbWhJv6TcU7X/5WAOOY+PBo7qpm6AMUu8lChV2m4koQY2S7X/0VhhZwLlWvrF5hJF/2IZITzmcQ==,iv:hcsG32bsIph4DQSJkZRXoQLvNsEqp9FOAlySMPi/pWg=,tag:jQDqI4apAj2uog3CUY5VfQ==,type:str] -heisenbridge_appservice_hs_token: ENC[AES256_GCM,data:LIfzT2KfKxTfMxtXaxAwlP8pfc5sk84p9jhzlaqeAC2cUBu0+Q0IAwZkvawgrGWwTdasr9HeEy4SXRBTsT2Qwg==,iv:uPNBHqslNd4CuNM/ce61X8yS6mo6WPyd/a4J4Q6Ozos=,tag:CyN9GaGWKAbp791EeXXfiQ==,type:str] -restic_password: ENC[AES256_GCM,data:9jHuYA5bJtqcumFwfk0565Xiwsc17D0srs88NnlkNvI=,iv:5zOGzQalJdL4NKNmucKg1GHvF8MrXtP8m37/xONL0+U=,tag:e8v9OPfrbB6kH/n3K+amyA==,type:str] -ssh_host_ed25519_key: ENC[AES256_GCM,data:rCGGkuMhIZ2qnWgZRSoal3vugytYy8dt4G1ACodBhNCbwvRbKuqQ4UWqjRLsjjHtloaz7fdFMwHUW5wR0IKAjwWhS6O2kBFLQn7/6QHMjYxnCTzqDflyk56UtVkMhytIG2jcodBXg79zKWnv/RfG0vXBks+m1ICvmzeJz+lVwuRUPw5Hsu0H3FSniDggcYRqiYUL8h/uypIN5y+BOy/xZgd1JlE69eSSB0RROPoNuwmsv1bZIsv9Q6PS8IU4IxhRWVuKWenoPSKDm77UjDpeD5pdCifh7pw4ku/CBFXWfZetIYrxMI9bbd9bouIQ+YX3APQpRgJ0BsdHabLrErH9/MOvNOgF7S6BfFEfSMv/M2DdrEu+Ahc7cfxRpovbZVRg4P9k5IdBukXbOLPxpyMGqO6NEPDjmq6pZMmaiDpOni7EMPLtEyf5c4lgrNH+rvbbJkfJhRBHmIBD/FLGDkSs3Onoj+ES4P+dWP7hFlvutiEVEpEGIbZJa4492Sg9xH3Bbxv+,iv:G/ycq2UAiziJlFTPa8CQlna/+65OOwBhjUU8R98H4vE=,tag:M05zczv6ClT9/pIKsQNO4Q==,type:str] -ssh_host_rsa_key: ENC[AES256_GCM,data:fegWa6oARWXE3SQm0NHM2KpGNeOQat8olp5zee8vY30vHj95kCRNxIl0V7ynyxsVW4c3ntOC1ev1e4qJ5DgHqtLx0aIN3ds8wve+/kmDgN0jwFtjJ85rCqJId6jTsPQi/L9DzbOQL0SvBKPoDnJkHiGR3SwaTeglYrgd5ifrIcPisuQtynwDzUzvHOP8Y+4h6Qix8KCWWtoua+o5+E2kNUhnVLWs9VfCcIzYg65L8ld61xvYzhFpiO8J1eipJe/fslguZXMc4lTXWITNp4d6IZTYW5eyYL/MPHIbx9tZOdza4znAtNAbI6pWlyyf7FFbYqFpvX9H5zeXv213BN3LQjNJ/gC2k6pFPE0DqMhqERnVlQa4635FuLj+pRcp8rh+RDWvfCe30DWZ0m2K0DhVvY62bwqrctBjsK9nbki8sTu7hZHw3qwpNlb5nnQQ8l9VrD7i0u/RLYr9OxUmWijWnfXwciXDAMGGlKTs/dmTJZJ8ALXX8R5n7ULxO4mzxeHRZjHfJkGB8K9CWWxkJ7S1pKUlZXGJwj08WJRQlwCIQX3hvgSOgly/RpdXDsrXp0x8OnfaPl83lIrW7kjTSp2Tkur9vWEoygM0SosRjIljdQf/tQ6+o/odlaf556XWB1BQvULVpbcvDxXUiJcjjq/oCA4N8IOT8xoHdYv3WWpGmo0+c7hz/XkvYXxlKEQ4wpsYJeBARaL1h4FFOELvoeKP/G3/Ad99LccTdKNe63rhL4fJ0tAzBnpw7CUT0BD12PyTYdCUfaK28C5RiWj8Cs++IV/iG28i/htwF6/fd4Jb0/2rwbNZfu1q3Nl/bEAiuzmjjMd/7D5eqpMG8zVfs1tFvGLIy4nNyYhbmDIwjjmys8jbO57W9piEYCMZ13RVpYtviN2Zx2bLyovOUdcPoQTVj3pLreBMKtyuY8LJ1UdpnLFopRDDeijCMaLr5ZTdIsFEXTqh1QxRy2DfIoeOP0qNsqC67yXoVWrxlyd4KAwlnxN/wJsXs+9b2CT5efEvFPHN0D8a/DTogqXBJ9j6OjjNhRSRP6MvvaBnF39zBu6lVlyWbcGwsoaFTo+ak43+hZaXiQ9/1uCKYaPYedWeSLeZFB2uOLy9z37EqwySFJhEU3Cqg7YaP/d56XCx9g30fXJIbJVwHT6AYm3/2jdErH9kXQvKoQFjDcEQzgCroV4E8YiVnjXSe55LQlC2dlrmhCvaEK6JsR23Ljb+sxBXAcBnqZfQjKQa/MdTa5v4lRrDFSm9XTA6TjI+zJxIp0RtfNN7sfTqkfUaRcjwmiFDSVnTNypbgRq3QEkuMca5lPs3mXFzk9yEW2i0bXdTeikg6TIyzYD66A+1NLy3L0BlKoSb00eBn8XV/ALUsI8qUkkcOgmzyPUxN4BxXfVahpeoOzhHHzb8HbxPRJbCdCbXVKWI9iB1PYQfMKLocAVSFk7n8CHi0FWTcZgZrYw+I39ohMDIpSJrfau3bm3Xtle/I6XAY7Ako5qS36QDpSGExohy13iIKkiklm/faSabhnCIfUTFOqfXTjSPOLt/TfrPVkjtbyS6RINpFTxjuZMjKrH5bTuNpKkzGOPrMZj2jS64xC8/g0h89QIpAmoMXC0T+HmcvrxTAQYIEkldYw1LdnZ2FA8op8Zo5MwZt0dUix3GMk7OtORBQM5TooGyasH28G3rP5pqfWsLR2mOXFU+2FyDoxcVGhjpO31Urd24Bhhqmau/eJ4G9ZHJNVSR+by9QHHZsa8SPrUFno8mmjYTI3t+3bJ3oO6G9kEwATGkenyOwdiysv++bhbKhSOM6/oVBtAJSQw4ZV59jtCUyE83gIA9WQtesMQFlM/n0Q0tmD+XPSdHtXCu2zBPFzUW3UlN+FlDinmpKI/Xg7yxjONg6DHEfktZbbEob761KnD91OKfNd2GvN3jjSkYRIifP7e6tAXpJfJuzqFvEn2p0uyUE13rR12yWIhnIudjxhI6CvsB6z28MJfwtqJ1+jymI7Z7ids1Dgkmu/Cc2TobaDsvVoJcK7kqSwGduKdOq8KR/nHeRm1IRXgdPtpgeD9uqDUKyImNxs1qVg6z05O2yEDXMm9GjItpvbQ21ZaFMOofS8O/7ff3gBfhf5p9fU+BZYR2nZevvJw3nrZYOQJv29gq2VZljlWWo/LHK7KBocHoob5i0QseW9I5U+qFcHb/QfltnY7kwMy3T0c5E3HWSiYh6pg1hVO2qIjmFtb/PNiz3YLU7Dnh92Zp2cGf8+TV0xknZT/wlb6XDrnU6fGnXZ3D796Q/X4zINXxlkXX1jHuLEBIhynFDYP7mmszr1HM4oNXAKbcLWRS64A2xi5yYPqZCkVCZqrOCpKorZoEy5wSA2+46XafgYfZThE5/rnUPU4LHRitC651YKnUm+LfIr9/6jOvzA+t7lR3g32S6KRnl8xFVfvK0Om7bm2vNiOq9zqaSCtLGFSECgBZq5CVNa7k7OQsDPkjDmANlh57gd+yUSF+ocSjxhtRFnWDHE/OxsQEjHoocIn6z0CGRp90qXvTkfLll8VDxaTBMgUdrOm0MXC+w1KTIBEhecdyvDBzOYuCtomTW5GYfjsQkCfiuOHnqRhNd7HpIbLDTQhl7FzNfi8ebzDVLgTavIuwi2ZagL30MJFzfXcQKE63H3WK0/6c4N+Km+nycDcficmDY5cvYjGw0uTLXkB6PKUSTVkzKKGtnbX/lZvfem/I4rJggm43Me2RhJJslWsmcqnt8iT1geBGnwUnbOcVTnBxaguXOUw0tCkUqdxlrePXZVXQZEVJ34UPPoxsOhtJVey3S3hBAqTzq5iQAIrxsHRhzab9qZrDo49l2UmKKQvgqFN3Mo76ECpxAnlfq5R7bFVO+slLl8O+zwSO8MmGepx7T+Uhv162MYD9NgbMsYw2UsWZTrHpZvy0gYDzB5KSK0Z8+VD+sE2EgPUZIbxwe3Zsd7ROgOOEXmvliJhGDa+2r1oO/AL9xs15KVOhUIy7eOha0yUNpbrpQjTvnxKC8ocL20J9nCVpxFMrez+XemfLQRcVjK2/QEgc7JXR2RXq9xa9kF1E0+GHfaC0srTmV6QdyJfN/1G5xCekCUlraf4bNmeG8oMJuVSKEs1PyunoiL+28brqCHQOtfa/Z74n/f9R47/KgJfpHKiU+Flc3mp/nR4MquE3Ay1lMrcx/Ze3xQsue9Q2mv8eUBsSmXc4qkbAX1BUU2Fp9fhrOoEzJ9tLgzI3Krzxy9sGku55XWpjQQpDdo6zkhWQYakivb2LvykgWYqCIpa0B2yDoY+890MdDxF0ASq8wvRsif776p1qoBt5BmaDU5SruN57VO8K5p6/A9xhY7fIbe1ZrzlJIiCzs0gfqWKcNZSPGEmt5yDI8943GmDi4bFC7cMpsS+CykC0X73fGvj5kLzSXUhAZl2XmzvqAhXHjrqETL0dO4A8kzjllVAASF64ZGOunigX6995TUt2H7KduAhOaz+hi4CDBiTReWAhcWZYFjWkhPprPBC7yNk1OPY+659g6vpDf2G8PYuXudiLHJHrL2cfiB2VV2SajmFtCjaptz2nPxJYmRRJuwWcFxD3J7rCBNdQuK13Blr13TvETBsB1pOj+/AML0edg2Iw8/DIZpmvKHxIzPJB1zE4Xbj8QaFo2n3Gyu228B86GztpRmWy+t4ZyL/qyAHQt5otrSQIlxrVRrZvMXVn8SX6kCEh0iEr6qElHVwFxz3QMrBY4w+ly2s4+lGNvvneu7luCknHqRohsdTbSUC0bQjIvKCU1P7E1no/aKe5TsKFZOoWHxqtRr5dPvW9Fxx5gKZOK+zQREY3y4LSb4YzJjpGKeL9R+KrwBQDYoYMkIRQq7BzhipPbl7MnBXk6NOajQmU2sXRrFY2rWD0d6EBocJRehIC+82dAC0ssKhahimm7+XZHnKbPTk02n+tOMg3FnkvOTX/rOGOpA5Fy1Qwkla2mAa1+RwCqJop20zXZkOSW7bugCNbr83A00WuVRLvh+ULW14PT1IL6y2XN0NCG9O/g7Yhz2ixrbjnvQ8XUoEDu4duQdER05D65QY3+iqnl6oDREVls+tKiOsqlOInWF3/SX+oOpk68PNN7klZ6KTSw20Bv8dcZReVIzpx8NHAOBSfgufDumKiHim4pAFjWXs7jYhSh43RblwrHasNTlAhlwiFMivFc1xrMOlQXVYxV4dfI9fo8Qt8AK3H64Qkj6dYmyUomXqMkpVBF1mzBuYe9gdeW1PG9u3z3llfUQIUrgzieG/rl/iu2uz8O2sXCJwMp8GxLnsy47Bsz29gujqtoXwVY/sF6A+Ni9aN5uQvuRL4glim+H64zUJPU+1+2GE38vAGqE+JfE+xom7pGts883K07iYeIpPgGMRpZ0XohUWL+TEf+99fhMqhHu7IcFRvFuYD2RaHHrjtieCEhvIYcI+V4vAg1ZknmCX8y6cl5Fe+3qylPJ1allO8lprY4mx3icMwvoP1CA==,iv:FX8ODeC6RlOv05HgQ6jHagxJnMf6HzZjYetZsm1pg+c=,tag:TMmtDZ4fM9R4giqmAYC4kQ==,type:str] +b2_backup_application_key: ENC[AES256_GCM,data:BQDDapOJVvbN9LotP0VxfbqN7Vo1Ss56TMw+nUSnNw==,iv:5aH3PXYP8Dv+Q4BCxrSi4iBWrFv8so7B1KK5W7D/LxQ=,tag:xSX8z0Zj2otB0kmZmSk4Ww==,type:str] +b2_backup_application_key_id: ENC[AES256_GCM,data:O3xtb/hCQOQRPxfy8jLHlkmLaZ1//qEw1w==,iv:T9e+gZaHN8GtNofWLilUh+bjct3mnsHFh1A4Rmq5wpk=,tag:x8RAH9WlRGB6GLF7XQCYfA==,type:str] +enthalpy_node_private_key_pem: ENC[AES256_GCM,data:UTSatV1YabjMKy0g4+fScesa0uspH/4GYuFpQeNAxTkRMWY6ax0CYUIJ5Ob5rdc9Tz2KKxSzpsZkwbUejoPdluQttwli2P7tSjSSpDCALjyNhfvCkGpxzbfMo6rhkamaxKUz/NZiSLrMgmo9zKUgHoLclnw2iQI=,iv:HnR0oMiwl7h4V6dMCIO/Ru2w5bUvEdPl3f21NkEsE90=,tag:FhqkDPOa9y4LtkXwd7YzUA==,type:str] +heisenbridge_appservice_as_token: ENC[AES256_GCM,data:CM1HVwqGQFFb8JoFiOSTlXeK4/cXdI2l+6QZ8CzNDDGYAElYJ/uxPsnzYd+rgQYnQKOmn9C4GKeblr65wnclkA==,iv:GxgxRi2Lj26abmLDbLiOVr8La20f0HSSNXB1l+1AnHE=,tag:Kn2buZ6HL1l1eCry9h2mZQ==,type:str] +heisenbridge_appservice_hs_token: ENC[AES256_GCM,data:3rzkXd3x9WbAphGOYF2tVM7mWYCjQO747XcBWWqoCOAJh0KHdWq+tzUAGu4LZW+L3yNOd7Nkf9x/TE+k0zCl6w==,iv:/KiDohEK/ue9cOpX/QxGmbyqIfjrO+GidrgZRr5zJbI=,tag:3hZYN2SCF51n7U8cKDrhPg==,type:str] +mautrix_telegram_appservice_as_token: ENC[AES256_GCM,data:VKVogTnbSTK4xOrJGlpKlqvpRX4F6UDnDiy35CZcoP7zIkOkaXhA+CfoNTtfVMIvQT64TIgEsu4Tdxc452Aeqw==,iv:gLAhYp+ulPUXUcypWWvwq6ObeJYVeK2fbT9TjAlV8Oo=,tag:F+olBUM/ySCp021Bc3iqYA==,type:str] +mautrix_telegram_appservice_hs_token: ENC[AES256_GCM,data:9vuJYZpXMAAxLR5RgYpJLlqVwZy3Tpa47k/lUVhjpRaEXDRHS3NdVLcqZeddTeAC3cOsQDXyuxO9VqF5shIhJQ==,iv:lykekxngLQidiEm+SS3OjJXsWNa+qcMThvzY0pYCSE0=,tag:R0zGyvhKeVdyFIkQ/nON2g==,type:str] +restic_password: ENC[AES256_GCM,data:P2l+oRzilWKvTPqGfs/Otv35YM5+bSMquqh80ukFQVA=,iv:nha/9J7+03tDwgXZe1asL3MnDkkxIYk06R+cUGpHQPE=,tag:J5Vq6rsSoCgKjlHO72qcvQ==,type:str] +ssh_host_ed25519_key: ENC[AES256_GCM,data:rofDEsrgugA8m2rOZurF0erJErrFjKvamD1G6YZz8JQZObyk4DJtnZBmVokJVZlYgqi5l0LqFc+i7EhZKex1pwD9JdCUMD02dK2mHDCT1f1xG9uGERPNwSGEko5NIqzfuZkmYtFhv7bXiajvYGDUnKZoS0gaWeBZAQ++LhfAutyr7DOzbgp0x0Uj/2+2/HzMX+AEG/LIHTweO9lLVThbt9qPvJF/Tlo40mDix8Vi5DnCgcxyR/1YvNANbxx+wcZCJyYSrevNnFW6sQrmw4YgFpKU4PJIx+Eweiao+qUkPJbUyyk9qLaenDY90SQyhdTu6dsz7SSwwHZPiT8DAg/EpcVSILCfuE4d8s4YdEx4Z18KTDUKLgZUrRcAqC+l5e1gEpQ+NcIjGmfIKpWiNg3k3NcnUWm6O++S77P+K+HnR8+BV3LzQBzZb7tiPpDv7/kjXZqi6Ldgbr2PUtjl8wjgpDxs7Sk5+LNhZIYvTmBcSiibKpsRU7zNsxHUZLmDbNPWhEfB,iv:idLqC8P9uVlNdIKFgridd8A60sJBztNBHYKwtAZSdoA=,tag:mje+NatACTSBIhQdd5nwwA==,type:str] +ssh_host_rsa_key: ENC[AES256_GCM,data:G2XPiFUGIHDpzn6D6FjwAEvJ2eK46HVkqlv+dPnCKpJdgB2JfJexihBxQRQ05CSbvF0dC+hQOpUgGW9Bl4wZR7Z2KKKUHms3I/X/RHorcG4LkWhT5cy0gEla3mV0dJL/iRQYW2RYwUacON6VOXmu/mso21NAz8gttuoFYuLqozG48PUZJNe2h3l2C7Alx1kuxoufVgFwjXbiy75yJt+D2iLwiWuAdtFNZb6VayzwpnhHPeyMwiUi0Q4t/Zql3vxs9liKL7fp0cq3GEwatAq2uZ9VbIKbBwk/gRbjYwC4tfMLaGcKgd2dehj3doBlLk+Nm467uwT1E/CLPkeQXJq8TxwDTYjm7l36789esk+5iMfaxRcGznKl4NMPQ4C06xsXqQLJbpBwykoboOc+tuaX7MRxuoEQCS+puTBgHLI5BRVpUuOI1ocdRLZZ5LQ+zkyKsCkvJwgAYCFfhD/D6Kv7mKt/a+Nz0oBXdf0R257RVQtiTQqYK30IErMqcMNb/AVhajaF/4+Me4G0BZgpb7KnYRBCio5Ki+GOJyOCFclAscUNHIHR8+9DtUC9FPUR+U7mSIc0yr9mBOTrMM109XMn7W8WYE8qmPmDT7k/qinGtrbksI+46qzYmWFgEyyJAXYqMtnt870dKqBoK3WLk2VMA0Ys6pb8n7FLwzmGAFHUeXC7QjsceENDGt22XO6vEbxS3xZ5rPBN/CykMlQz/+aNHCULwLs5pv6Dr4KYP/tiP0u/xKuZOI881SLWqtZwUktNy/CetTbuxYrmW3yxmkETToA5JcaM+dixEI8fQz1IKUHKIr8lIdMuXDCwjCMUphSagOcErowapibdrBKw5ZN7XCiSOwBztzXQT40/toBK1TkXGeYKLrxtF7vhbTcnqortDRDOewsJYXLnO1LMskGfwV30AduQSla+zh+pP5UC42vi6SZeRk6dknSIQ9YvlUseqNnbG1aPF4l69vRJLXrlY8vFM61n3hdyfauZG2N4t5DFHdnbtequSWzst9MaA6XUH43LIB+Xtuzi3bF83I36iZlGcz9rl9I/PRnYC8+gINDj85nP3VUdgkkQ6cIAb7grx3siVYguU7ITRoiTsMfhd27dp2nlZBOYZEWKhx85BBpMbaykIKlx8Ta9Lvt7SYoYVeDip6JKQsk1+qDuZdQbxSTbr8X8iJuf/bP4M460uAjs5vDMHtuvGZASTRXjJzdiWRMN7G6qGzjE3lbgDJ5MEeS/NE2jyERTMaE04h8lgZVPnBxDyqeWwWLAKW5OpteBcu1bcvl46PCUvy9nPHXc/YVkctuvho6956kImZPDyAmMS434kFYRKMKmGsXdTx65fmNSP/HM+8e88Od8uFjSQK4mcbEtaN2vo8NwIfh2ld6AKOJ8fLoqvw7dcY2PqpmQB+F7yosQek4mlcE9XFNHTlreaBULSpYL2SERUpnwh3Xcg3DK6ELdJvqL0tVIPa8YIDhF4e+/EsDywpHXoLGRUN0/HB5ZO0DoO+dGNA4BDjzuqFpw4mlgyLowTE6UiKAaY3lfB1fqpzFgu2EFlb0JA3dcacNiEIAdgLfcl8/FLuiUOEbjiNmIpb8d84AjMFbxv204eMMrYusQKu7rBzqp0uPYGoj6pvqaTATMS/6/FAdHXwe6i2uFSVg7YPBDzcl/ncP+yPsJbbKzPFnFncPBqDMTkbWbchYJ2gFHifxgOBVVi1UmCH21QAlhlYNC1Bx93j4iUvDgkJUREh+bGF7bankUc4OM6nTZDvXZPzIbi8/yql71sC3q4F0SjlpAlkhDg3hoiT2B9Of9DHvKC1UyM3ZaO1RIm7PLCaadf6HWUCnDPcgWceJxkfiSnUTMySVZ01oJgKiZ569b/3kSwgng+jUeRXeSoP8oq+VmL9SmuxYob+yaEZow6QsKOGOgTRTF+np3rJFn4B/mpSPju2h0NJD5MFkjYlsq4RZmLBLDNjRTTjGrT7paqxjiqpnOMk8yvCLdPYDClBJ17CXlXuQjWxaQZkiZp9R5l4pKYJpFTsRi8+fdLtOhmMUsQLTuFceyL3NnB5qGTN1dAWQuBvFODCMFNjzqddWzCXXxByLoDPjhr1uMK62ijCKTtWqZHf3NKXbvu7firgJZ/RrYUVSg1GGM/4G+Da5T3XVWhHOFtc1DmBthgoe2AFVsCyTelXGqXOqYZfeGReaSFyPOGdfj7I4+9gl65hBw8CaY5WLu3vsnjxItZ7+CUEppQ73qGaRuDjTBbu1BUBOskgKHrHh6pKlrXqczsC67GqazkDA+bynATLeEdaDfHhgPRvWzFvTD/QoPtpRaInMgOw+iPdqjwNTznXAkDEGeNJ6J2NMsMFy1nDvuKNCZCSBn0URUdx1YVW5oyhoF7V9/n8ZYKhady0zyjtcoypkfC9FDUkHG6TTR3aJQKxMoOSepCWG/OX+7quOu7JeQ6Bm01vz2u2BKcRUTsm77jbZCgaM0pQg4wxP9kUdLL8PTeIXtf15d+1ENaKjOv+WGgmhriLU2B4N0AfRCWJ1BBRwXXeQ3m3l4LDovtAwJpLgX6NU/5rzvKLzRZFbi4vk6SA95ChcvOyBIlQiPWnCS90zmJ8erXPv1cYCFBwdCqfLRqRXTet5mTcJTO/KJ9s/aY7gJZBRj0HqetvXEEBhjcWCS4rtYVTXw3givsxJzK6UhiSeAD0tbe1J0pSVjUDTHc6M2s2MeEK5fZDm3jsPs/o2/H55VBrL1cPVP+IY7zPUPzNtwtLI80KvXT3U7Gch+K5wERwti+3fjDCO2pU3clNfV9GkhLxBLKmkicv4ByNsfnMbWJt4KjsaCEOKKHPgJn1b8h7+c27LiUIwuw67kz5GPU3Ffogy2eujIs/BGaSXIXnimfeI3P9yCaPD1cb56XnlR2EkaUaq12KFvRn2DT1t1JQHcWu8GTuU4M/GQhJ5Zt/LHNozMhB+FEci+5gVJAayEHV6hdaBIYV14K8f1v+UL0H2/hGzw6/NR3pQkTmwbR0R15PEE4FsU68m7Q0/s9HOZfQyrWelUuqGvxbMOvun3RABVugMEUzoSAveH/w2AG8Pfk6GbaWIVw430PQS73DO6lcpewgzQxhzyv7lx2logeCWBmxByFCXofVKwgdBt6gDf1tLNG6osx7Fhjyo4LzZMIJej/IDzEhbmZrght/po9L3rcW9uhznJNEs+PskovXI6TVL+k1VLujd3/C3FECf8d2ssRPRO/iEM+3Pv7m4xg0jg3HR5Jp6faSBQLjQSXFLg3Fzyzk07e8zGfjU3i3/Q4er9uSsrcDuJfM6MJBxchC/Kw2aPL3XazsXXUF/NmGjeCHOGyPmaRsFcQiRhwNa+vMqvSqYQkcqkqZGfNJx69oOF9A/LeEnjGRx1oGy25RPyOS75ofTvZP2dHRxQMT/1ZbfPcHPv/UcXGhpW6BNE/vx2lOfcTCE1xmrEQ6KEvVrViFVxRkrKsANtpPWfBCIwblUZ+ofjnR0eWVJh4SnubZMe0sz64YEz2aMca28Mi1Bo/iwdo530pM2Pe8GucyKKUF4PlSIJH1vbFKQc7+SdUZJMfV7s+YOHKRdGi457mOC4UjyMqpelY3oFj1BwmI20/f5Za9VBOHE6oKnQfmUN8THW0xKRd8jgum4zhclfvYaAACBDdawk8456Z8jov81fxgYvlAhtJNhNOHs7k1CtK8ZyYsIhs5Uo9Wl+nUfzhTZUgv10iN2aARlhkw29yYHU2ndbwp/RrZMTtxOH+XQ6ds4rlawxmdOufN/CWxZqeZlrXllsbNKcpdkAKguCnuCw+bZcHKD/iGL9hF/tSmyEQ8ne+c+YVWeMN55LYKMrsvuTCEN3HmJSHprq76RNN1lUZKKlEG32clYRcHuCQcixd3E4OO/wHcukUrBUIWr28MDgAuC3q5nFmbPLrqzJdEmaHOShUwJ4bBDuz6VPZ61Nf3DkfE2BuGmcRAsaAoqkJAyUjkDOvpcUX2w14pQjET3zzct2MEv/LAzP9wwlBc1K6cSJwqHxXHUp0IJtwQeLyRWYHSTh/I0wBfynHBCWq7zeedZb6IAnGWiVVnKX6sQBprTwe3Xsi9ujIRquDxaWlu70t7CZQJW1NjynCoVzvBKSU8y/ycxbqAzvmTqFldpcQY9+hZrxu/n00fSTQCND+DNdIytpHhraPJiSCnZSx9lqobJM26odVBGZCfpQ1XfkrmtI/uqtqUMLtwxP6L0Z1YdSOFzYt2cyLf1sdoV43hIsEKqbvo1pWv8aCD115u6l1567qmM/GnUrFzLBc0SlrdmesJIrCj5q4fqx8hy78FrjSJu3N9qc1FmEG6xe3zNOyK/Vnv1gtlMleK3pG70SG68Votl0Fqj5uJ4tlUECTTppBc08LjxC4zs50Jldw7oVQEUdSjGUBIR0HS9I0y7GYkYkLG6XQgE0ZJMamcF2W9996NtyOxvqH6b7MRJPH7/x1Mat294QdoYXs8a/bG7nuDSXMRXR8MeCPg==,iv:1GLy6qgQL8pb8CQ1khYL3QoA5kahIl1gLp6kIEWDZPs=,tag:qQZtUduDuK0FIfDGLlfJrA==,type:str] sops: kms: [] gcp_kms: [] @@ -15,23 +17,23 @@ sops: - recipient: age1sfnct03u4cvfj98x4yjrcrrnu5gg8qgxrwk4uqq8w4e6wveeaedq97rn44 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSArY25vdG55MUtqNGhMRVJX - bE1YaUtmVnZPQ2haR29YekV5d0Izb3NnTlNJCmZHRkJXR3JrOXRadjRiZGo1L3pl - TCtUUTJTeVVGeGFQWHFyZC9WMEdjVW8KLS0tIHZTUk14bHovWHZDald2OXVhemhq - K093RUhITHRibkxyT3FJYklxOXFHQ0EKP32mUzlzmwe4TJbHl6OXia1oxYz8tLaS - rRzZqpdxqnk4VzA7eVWJuHdipMbW4RJQr4FY7dEUlKIxFlrI5xcWyw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpTXZqeVFid0duYlpvYWht + VDFSQ296VTVWWkF1M1I5VDBxaVFCNE9oQmpRCk5wUzc4QWxzRVZkQ1piRkdzM3da + bGxBRDBOWmVZdG1OREJQVTRWeEl5a28KLS0tIE8vdkpzbjRmbW9NaWJvWTRqYW1C + YlRnTmdSa0V4ZXJLMkVvdXZmZmU4WTQKSJJlBp2QsbupIhW2Wsy/RiVCwPWj7109 + S6BFbuNZp2f7eC/rgGVAvLv6fuTer+jfczFQOo5eG8UWUdw0wTHxgA== -----END AGE ENCRYPTED FILE----- - recipient: age1p9xzkzc3zxasgxtd75html0pvrtd6fzvmhz6n388vtjg36d3zffsvma0j0 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwVmhGVE1jQXkxcjBFTFA0 - dFUrUEpYdjFmQ0JGeVdsRlNvM0lZWHdDZlZjCkZCZ055UkZBWkVPZDFnNGdzY09y - YzZpWlEyYkpnR2xCanBTc1h5ZTl0dUUKLS0tIDFtTC83OWtJYXptOXlyVFNaL0VQ - L1JFQzBsR2Y0azhId2FTcEd5NkZaSTQKm0IXRyUJSkFjc7U+2K7XJlBCrYlVTodV - Saab1rhDyH626S+du/HuuaSK/aL7XlSM05bNFERgXH2brltRgJcZkQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzQ0ErdWNYU0FCS1NrbUxJ + ak9UYUZWd3Myby9mVVhtdUIwcUowM0pKRURVClhka09BOS8wSDZ3UlFOb0kyVG9i + MkhYbW8vM0RqQzJoeURFWlhYU09PNkEKLS0tICtQbENVRGhHTERCYzljdDMvRkpn + bjJxYXo4Wm50am40cVppdHJzcENBUkEKWRaK3e7GihhY0H4/fhFctPG5fU5bZqHw + jIv/n039IAeAz9Bl2tBb1k8g2V4u3YKkMJvEdpknVA1xxulKywoEOg== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-12-18T09:06:21Z" - mac: ENC[AES256_GCM,data:h8RsgFTw0o1FOLqdxj4G6XZyqvQ24B/+/qSw4kBXS5pWiFwmV05DjozWH6yfLgEeuw4S6QrJvO/zwr1U88XPhsXm3aIfuHLdedfGUZbtPgbUHBC6boiscaKDHBFDo2hO4eXJI+AYTxeJ4lPjZhP4SLCsxKHJXvxmvrZ+sblPRBg=,iv:IUBiqpTisE9uKlJzkX1+lGWEr23f8qjzDC7rdtVltz4=,tag:f8x9185MeVQr7txpUUsvVw==,type:str] + lastmodified: "2024-12-18T15:49:50Z" + mac: ENC[AES256_GCM,data:jzg5i3HFJgVFJT2no4jgBV5jgoOlkMV2AdqO0us0KpP/ru5VZ4Jq2Wsx3NvA9qJDPl+if2wzKYwwAu6HdpDEkm4wRqkZqo+7n28aXgOHVCMDzKeLqR24L91nOTpCIrGnJWPE74W3L3eyPnhjOeSGq49t26spC+E8Yt5bP8LptY8=,iv:wWkCKw6gW57Z2UoHWYf6AJ50JC5tUo4uWr0rwgeXnJ8=,tag:UmI3zN7HoxXzTA43iY0aVg==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.9.1 diff --git a/secrets/hosts/suwako-vie0.yaml b/secrets/hosts/suwako-vie0.yaml index fa94de3..fe353eb 100644 --- a/secrets/hosts/suwako-vie0.yaml +++ b/secrets/hosts/suwako-vie0.yaml @@ -1,6 +1,7 @@ synapse: signing-key: ENC[AES256_GCM,data:yFxwWDpdQvHetThkK02a/GN3lcw4GNb7BItutO5zisKptG6qB+BdWwHB34oK81J5Rbt3MGLwMwVpa0w=,iv:pQMDF4wSyzLvlRj3jMVbjyx16G76gj7e2ZvEHTB2VUU=,tag:dl1Onm5LNzH2aHZNfnRPbg==,type:str] oidc-client-secret: ENC[AES256_GCM,data:1zUxCuFyTWFvcu7W0dJ70RKyPWW0WY9fJwlaQkYRzok=,iv:8+3w1kz81CfTvzYv8thd/EaEUn2A/OdL8Uw4n0o69tE=,tag:qGTZodnQwOsI/cyXK6X09Q==,type:str] + mautrix-telegram-bot-token: ENC[AES256_GCM,data:SgzTnwfmJqYeAM0PjZ0sosYTgkiw8gR6eszfkpM7VIOTlNmkkJezD5CtSHlsQA==,iv:olLvkkl9VHPrUuKZgOQgpzRMEymm9oYo0hJs8KsiTBE=,tag:eEOjwT7vBTyTRnS6qtu4dg==,type:str] sops: kms: [] gcp_kms: [] @@ -25,8 +26,8 @@ sops: ZjQyOG1ZVDVnTGxBNWR0RGs3d082aGsKqqIdYDPsnvCa5+YFWCqdwAi5vgWuMazv sZF1K96MHFgxgqgGonu2wZN3uj2mGttDRC8ZZmMPEftY1na6VLl40A== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-12-18T07:21:22Z" - mac: ENC[AES256_GCM,data:TTOlCeSubkpp4CEI+sJ9k0yMoozeSSTWdWPMmRiTGpMNPLI4E9cA0jsTqcHZt06AIFNCRLnRVz9Vjq3oSUbImR/DKb/Ox7u0CVguIpMJW40aU9Jw3whSwehY8EageUqBHgPhuB1GTUF8nTx2WBxpkd9A70foPuvVy4UHqtIrH+I=,iv:uwkl3jbk9jSQQdhPV2CS1BkHfyIcR1SKDpoXsp2xLBI=,tag:wpFL4ir9bs2mNe3TFYY9nQ==,type:str] + lastmodified: "2024-12-18T15:24:09Z" + mac: ENC[AES256_GCM,data:S95HJPOv7L4EvIPRET4vgg6aLW4eGxPywshE9LnVWLHJLXU0ttVx/lbCtCHgO4sdyL1HZsevFWVcixQhwFSH+IoIClS8hUxvhMTEhUDctKtKdRu+JnhX6GlVhCQ4lc3r7q5+wbAGRUu1y8gwyjXmfP/LJQAhfTXlvnHdLyDvP2U=,iv:swUhs97E/34yjcQOCWgZCAqmCmPVW7spavF8xYa3qMQ=,tag:ZkhGAWt1Dj3TPJVMMTy4KQ==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.9.1